> On 09/13/2003 05:06 PM, David Wagner wrote:
>  > Quantum cryptography *assumes* that you
>  > have an authentic, untamperable channel between sender and receiver.
> Not true.  The signal is continually checked for
> tampering;  no assumption need be made.

Quantum crypto only helps me exchange a key with whoever
is on the other end of the fibre optic link.  How do I know
that the person I exchanged a key with is the person I wanted
to exchange a key with?  I don't ... unless I can make extra
assumptions (such as that I have a guaranteed-authentic channel
to the party I want to communicate with).

If I can't make any physical assumptions about the authenticity
properties of the underlying channel, I can end up with a scenario
like this: I wanted to exchange a key securely with Bob, but instead,
unbeknownest to me, I ended up securely exchanging key with Mallet.

I believe the following is an accurate characterization:
 Quantum provides confidentiality (protection against eavesdropping),
 but only if you've already established authenticity (protection
 against man-in-the-middle attacks) some other way.
Tell me if I got anything wrong.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to